<?php
/**
 * Nordic Repository
 * 
 * LICENSE
 * 
 * The new BSD license is applied on this source-file. For further
 * information please visit http://license.nordic-dev.de/newbsd.txt
 * or send an email to andre.moelle@gmail.com.
 */


/**
 * This class contains security-relevant methods.
 * 
 * @category   Nordic
 * @package    Nordic_Security
 * @copyright  2007 Nordic Development
 * @license    http://license.nordic-dev.de/newbsd.txt (New-BSD license)
 * @author     Andre Moelle <andre.moelle@gmail.com>
 * @version    $Id: Security.php 3 2007-07-08 09:21:42Z andre.moelle $
 */
final class Nordic_Security
{
	/**
	 * This method creates a random-string.
	 * 
	 * @param Integer $len length of the string
	 * @return String
	 */
	public static function createString ($len = 32)
	{
		$result = '';
		
		while($len > 0)
		{
			$result .= 
				substr(
					md5(
						uniqid(rand(), true)
					),
					0, 
					($len < 32 ? $len : 32)
				);
			
			$len -= ($len > 32 ? 32 : $len);
		}
		
		return $result;
	}
	
	/**
	 * This method encrypts a string.
	 * 
	 * @param String $content string
	 * @param String $cipher cipher
	 * @param String $key key
	 * @param String $mode options
	 * @return String
	 */
	public static function cryptContent ($string, $cipher, $key, $mode)
	{
		$key = self::cryptString($key);
		
		return mcrypt_encrypt($cipher,$string,$key,$mode);
	}
	
	/**
	 * This method hashes a string to make it more secure.
	 * 
	 * It uses a salt for making the hash more secure.
	 * 
	 * @static
	 * @param String $string string to hash
	 * @param String $salt salt
	 * @return String
	 */
	public static function cryptString ($string, $salt)
	{
		return sha1($salt . sha1($string . $salt));
	}
	
	/**
	 * Decrypts a string.
	 * 
	 * @param String $content encrypted content
	 * @param String $cipher cipher
	 * @param String $key key
	 * @param String $mode options
	 */
	 public static function decryptContent ($content, $cipher, $key, $mode)
	{
		$key = self::cryptString($key);
		
		return mcrypt_decrypt($cipher, $content, $key, $mode);
	}
	
	/**
	 * Reverses the effect of secureString on an array.
	 * 
	 * @param Array $array array to reverse
	 * @return Array
	 */
	public static function reverseArray ($array, $type = 0)
	{
		foreach($array as $key => $value)
		{
			if(is_array($value))
				$array[$key] = self::reverseArray($value, $type);
			else
				$array[$key] = self::reverseString($value, $type);
		}
		
		return $array;
	}
	
	/**
	 * Reverses the effect of secureString on a string.
	 * 
	 * @param String $string String to reverse
	 * @param Integer $type second parameter for html_entity_decode
	 * @return String
	 */
	public static function reverseString ($string, $type = 0)
	{
		return html_entity_decode(
			$string,
			($type == 0 ? ENT_QUOTES : $type)
		);
	}
	
	/**
	 * This method secures an array with secureString.
	 * 
	 * @param Array $array Zu sicherndes Array
	 * @return Array
	 */
	public static function secureArray ($array, $type = 0)
	{
		foreach($array as $key => $value)
		{
			if(is_array($value))
				$array[$key] = self::secureArray($value, $type);
			else
				$array[$key] = self::secureString($value, $type);
		}
		
		return $array;
	}
	
	/**
	 * Secures a string against XSS.
	 * 
	 * The HTML-relevant characters are replaced by their
	 * HTML-equivalent.
	 * 
	 * @param String $string string to secure
	 * @param Integer $type second parameter for htmlentities
	 * @return String
	 */
	public static function secureString ($string, $type = 0)
	{
		/**
		 * @TODO: Replace CHARSET.
		 */
		
		return htmlentities(
			stripslashes($string),
			($type == 0 ? ENT_QUOTES : $type),
			CHARSET
		);
	}
}
?>